DPRK macOS 'NimDoor' Malware Targets Web3, Crypto Platforms
Via "Dark Reading"
Seen on @cibsecurity
Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram using malicious Zoom meeting requests.
----------
Ransomware Attack Triggers Widespread Outage at Ingram Micro
Via "Dark Reading"
The outage began shortly before the July 4 holiday weekend and caused disruptions for customer ordering and other services provided by the IT distributor.
----------
'Hunters International' RaaS Group Closes Its Doors
Via "Dark Reading"
The announcement comes just months after security researchers observed that the group was making the transition to rebrand as World Leaks, a data theft outfit.
----------
Chrome Store Features Extension Poisoned With Sophisticated Spyware
Via "Dark Reading"
A color picker for Google's browser with more than 100,000 downloads hijacks sessions every time a user navigates to a new webpage and also redirects them to malicious sites.
----------
Applying Agentic AI to Legacy Systems? Prepare For These 4 Challenges
Via "Tech Republic"
In this TechRepublic exclusive, a chief innovation officer provides guidance on addressing challenges when deploying AI agents in legacy software environments.
----------
FBI Warning: Scattered Spider Hackers Are Targeting Airlines, Too
Via "Tech Republic"
Scattered Spider hackers are now targeting airlines with advanced social engineering tactics to bypass MFA and breach critical systems, the FBI warns.
----------
SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools
Via "The Hacker News"
Cybersecurity researchers have disclosed a malicious campaign that leverages search engine optimization (SEO) poisoning techniques to deliver a known malware loader called Oyster (aka Broomstick or CleanUpLoader). The malvertising activity, per Arctic Wolf, promotes fake websites hosting trojanized versions of legitimate tools like PuTTY and WinSCP, aiming to trick software professionals.
----------
Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
Via "The Hacker News"
Everything feels secure, until one small thing slips through. Even strong systems can break if a simple check is missed or a trusted tool is misused. Most threats don't start with alarms; they sneak in through the little things we overlook. A tiny bug, a reused password, a quiet connection: that's all it takes. Staying safe isn't just about reacting fast. It's about catching these early signs.
----------
Manufacturing Security: Why Default Passwords Must Go
Via "The Hacker News"
If you didn't hear about Iranian hackers breaching US water facilities, it's because they only managed to control a single pressure station serving 7,000 people. What made this attack noteworthy wasn't its scale, but how easily the hackers gained access by simply using the manufacturer's default password "1111." This narrow escape prompted CISA to urge manufacturers to.
----------
TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors
Via "The Hacker News"
A hacking group with ties other than Pakistan has been found targeting Indian government organizations with a modified variant of a remote access trojan (RAT) called DRAT. The activity has been attributed by Recorded Future's Insikt Group to a threat actor tracked as TAG-140, which it said overlaps with SideCopy, an adversarial collective assessed to be an operational subcluster within.
----------
Iran-Aligned Hacking Group Targets Middle Eastern Governments
Via "Infosecurity Magazine"
Iran-aligned BladedFeline group has been observed targeting the government of Iraq and KRG with advanced malware.
----------
Researchers Share CitrixBleed 2 Detection Analysis After Initial Hold
Via "Infosecurity Magazine"
Vulnerability research company WatchTowr published a detection analysis for the Citrix Bleed 2 flaw.
----------
Hackers Target Employee Credentials Amid Spike in ID Attacks
Via "Infosecurity Magazine"
Cybersecurity researchers have observed a 156% increase in credential theft incidents between 2024 and Q1 2025.
----------
Qantas Contacted by Potential Cybercriminal Following Data Breach
Via "Infosecurity Magazine"
Qantas said it is currently validating the contact, and has informed law enforcement.
----------
Hundreds of Malicious Domains Registered Ahead of Prime Day
Via "Infosecurity Magazine"
Check Point has discovered over 1000 suspicious domains registered in the run-up to Amazon Prime Day.
----------
IT Giant Ingram Micro Reveals Ransomware Breach
Via "Infosecurity Magazine"
Distributor Ingram Micro says it has found ransomware on its internal systems.
----------
Ongoing Phishing Campaign Utilizes LogoKit for Credential Harvesting
Via "CYBLE"
Key Takeaways: The initial phishing link we identified mimicked the Hungary CERT login page, with the victim's email address prefilled in the username field to enhance credibility and increase the likelihood of credential submission. The phishing pages were hosted on Amazon S3 (AWS) to stay under the radar and increase credibility among potential victims. The phishing pages integrate Cloudflare Turnstile to create a false sense of security and legitimacy...
LogoKit Being Leveraged For Credential Theft
CRIL analyzes an ongoing LogoKit phishing campaign that pulls brand assets from Clearbit and Google Favicon.
----------
Phishing, Pivots, and Persistence: A Look into Japan's Q1 2025 Cyber Threat Landscape
Via "CYBLE"
As cybercriminals evolve their techniques and tactics, defenders must stay several steps ahead to minimize the risk and damage. The latest Q1 2025 Incident Handling Report from Japan's JPCERT Coordination Center (JPCERT/CC) provides a front-row seat into the most pressing threats facing Japanese networks this quarter, and the findings should concern organizations far beyond Japan. Between January and March 2025, JPCERT/CC responded to 3,974 incidents, marking a 10% increase in case coordination compared to the previous quarter. The ...
----------
North Korean Hackers Deploy Rare Nim-Based Malware on macOS to Target Web3 Startups
Via "Tech Republic"
A new Nim-based malware campaign targets macOS users in crypto and Web3 firms, using novel persistence tricks and encrypted communication.
----------
North American APT Uses Exchange Zero-Day to Attack China
Via "Dark Reading"
Stories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity attacking a Chinese entity, thanks to a mysterious issue in Microsoft Exchange.
----------
Four Arrested in Connection with April UK Retail Attacks
Via "Infosecurity Magazine"
The NCA has arrested four individuals on suspicion of involvement in the attacks on M&S, Co-op and Harrods.